Microsoft Explains Its Monthly Windows Update Rollups

Microsoft this week explained a bit more about "update rollups" for Windows Server and Windows 8.

An update rollup is delivered monthly and isn't the same as a "cumulative update." In other words, a May update rollup for Windows Server won't contain the prior April update. Instead, IT pros and consumer users have to install those earlier update rollups first. Moreover, each update rollup may be "chained" to other updates in a parent-and-child-dependency scheme.

The update sequence and dependencies get addressed automatically for organizations or individuals that have turned on Windows Update, or for IT pros that use Microsoft's Windows Server Update Services or System Center Configuration Manager management solutions. Otherwise, those who manually install these updates have to figure out all of those complexities, according to Microsoft's explanation of update rollups for Windows Server 2012 and Windows 8.

Microsoft claims that it only will create an update rollup to address a "significant event," such as software flaws or data losses. The company also claims that "update rollups are not security related and are intended to improve the overall performance and reliability of Windows." Update rollups are different from the security fixes that Microsoft releases on the second Tuesday of every month. However, Microsoft is still expecting IT pros to test update rollups every month -- just the same as the monthly security bulletins it issues.

"It is expected that these updates [update rollups] can be distributed and tested using the same procedures that are used for the monthly Security updates so as to not significantly increase the burden on IT staff," Microsoft explained.

Microsoft seems to be having an ongoing debate with itself about whether to include security patches within an update rollup, but the definition of update rollups in Microsoft's standard terminology does include the phrase "security updates." Moreover, Microsoft's definition of an update rollup sounds a lot like a service pack, as other observers have noticed. Cumulative updates are different still, as they essentially are a collection of past update rollups.

The debate looks to get even foggier as Microsoft has been talking about quarterly release cadences for some of its newer server software in the coming year.

Microsoft now refers to an "upgrade" as a complete product replacement, whereas an "update" refers to "collections of new features," according to reporting by veteran Microsoft watcher Mary Jo Foley in reference to coming "Windows Blue" updates. Windows Blue is expected to appear as a public preview near Microsoft's Build developer event next month, but descriptions are ill defined at this point. However, Microsoft explained today that it won't charge extra for the Windows Blue updates for its Windows 8 customers.

Foley cites a Microsoft Technical Fellow as explaining that these updates to come aren't technically service packs in chunks.

"One of the fundamental mindset changes with the move from 'Service Packs' to 'Updates' has been that the primary value of Updates is new value -- and sure we'll fix a lot of bugs too, but that's not the focus," explained Brian Harry, Microsoft Technical Fellow and product unit manager for Team Foundation Server, as cited by Foley.

In any case, it looks like IT pros may face a quarterly pace, at minimum, for testing for the various Windows updates to come, regardless of name, in addition to monthly security patch testing.

Microsoft updated an August security advisory this week to urge organizations using the Lightweight Directory Access Protocol in supported Windows systems to implement some configuration changes manually.